sync with develop

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,40 +1,45 @@
 ---
-name: Bug report
-about: Create a report to help us improve
-title: "[BUG]"
-labels: ''
+
+name: 🐞 Bug Report  
+about: Report something that’s broken or not working as expected in TimeTrack  
+title: "[BUG] Short and clear description"  
+labels: bug  
 assignees: ''
 
 ---
 
-**Describe the bug**
-A clear and concise description of what the bug is.
+## 🔍 Describe the Bug  
+What exactly is going wrong?  
+> Example: When exporting a report, the total hours show "NaN".
 
-**To Reproduce**
-Steps to reproduce the behavior:
-1. Go to '...'
-2. Click on '....'
-3. Scroll down to '....'
+## 🧪 Steps to Reproduce  
+How can we see the bug happen?
+1. Go to "..."
+2. Click on "..."
+3. Scroll down to "..."
 4. See error
 
-**Expected behavior**
-A clear and concise description of what you expected to happen.
+## 🤔 Expected Behavior  
+What should have happened instead?  
+> Example: The total hours should be calculated and displayed correctly.
 
-**Screenshots**
-If applicable, add screenshots to help explain your problem.
+## 🖼️ Screenshots (if applicable)  
+Add screenshots or logs if they help explain the issue.
 
-**Desktop (please complete the following information):**
- - OS: [e.g. iOS]
- - Browser [e.g. chrome, safari]
- - Version [e.g. 22]
+## 🖥️ Environment  
+**Desktop:**  
+- OS: [e.g. Windows 11]  
+- Browser: [e.g. Firefox]  
+- Version: [e.g. 124.0]
 
-**Smartphone (please complete the following information):**
- - Device: [e.g. iPhone6]
- - OS: [e.g. iOS8.1]
- - Browser [e.g. stock browser, safari]
- - Version [e.g. 22]
+**Mobile (if applicable):**  
+- Device: [e.g. Pixel 6]  
+- OS: [e.g. Android 13]  
+- Browser: [e.g. Chrome]  
+- Version: [e.g. 124.0]
 
-**TimeTrack Version**: e.g. v7.9
+## 🧭 TimeTrack Version  
+> Example: v7.12 (API v1.11)
 
-**Additional context**
-Add any other context about the problem here.
+## 🧩 Additional Context  
+Any extra info, logs, console errors, or related issues?

.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,20 +1,25 @@
 ---
-name: Feature request
-about: Suggest an idea for this project
-title: "[FEATURE]"
-labels: ''
+
+name: 💡 Feature Request  
+about: Suggest an idea or improvement for TimeTrack (OpenDucks edition)  
+title: "[FEATURE] Brief and clear summary"  
+labels: enhancement  
 assignees: ''
 
 ---
 
-**Is your feature request related to a problem? Please describe.**
-A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+## 🧩 Problem Description  
+What problem are you currently facing?  
+> Example: It's hard to quickly see how many hours I worked last week.
 
-**Describe the solution you'd like**
-A clear and concise description of what you want to happen.
+## ✅ Proposed Solution  
+Describe how you’d like TimeTrack to solve this.  
+> Example: Add a weekly export button that generates a CSV or PDF.
 
-**Describe alternatives you've considered**
-A clear and concise description of any alternative solutions or features you've considered.
+## 🔁 Alternatives Considered  
+Have you tried any workarounds or alternative ideas?  
+> Example: I export daily logs manually, but it’s tedious.
 
-**Additional context**
-Add any other context or screenshots about the feature request here.
+## 🧠 Additional Context  
+Any screenshots, mockups, or links that help explain your idea better?  
+> Drop them here 👇

.github/workflows/phpmd.yml

@@ -0,0 +1,57 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# PHPMD is a spin-off project of PHP Depend and
+# aims to be a PHP equivalent of the well known Java tool PMD.
+# What PHPMD does is: It takes a given PHP source code base
+# and look for several potential problems within that source.
+# These problems can be things like:
+#   Possible bugs
+#   Suboptimal code
+#   Overcomplicated expressions
+#   Unused parameters, methods, properties
+# More details at https://phpmd.org/
+
+name: PHPMD
+
+on:
+  push:
+    branches: [ "develop" ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ "develop" ]
+  schedule:
+    - cron: '38 18 * * 1'
+
+permissions:
+  contents: read
+
+jobs:
+  PHPMD:
+    name: Run PHPMD scanning
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read # for checkout to fetch code
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@aa1fe473f9c687b6fb896056d771232c0bc41161
+        with:
+          coverage: none
+          tools: phpmd
+
+      - name: Run PHPMD
+        run: phpmd . sarif codesize --reportfile phpmd-results.sarif
+        continue-on-error: true
+
+      - name: Upload analysis results to GitHub
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: phpmd-results.sarif
+          wait-for-processing: true

.github/workflows/psalm.yml

@@ -0,0 +1,41 @@
+name: Psalm Security Scan
+
+on:
+  push:
+    branches: [ "develop" ]
+  pull_request:
+    branches: [ "develop" ]
+  schedule:
+    - cron: '27 5 * * 1'
+
+permissions:
+  contents: read
+
+jobs:
+  php-security:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      security-events: write
+      actions: read
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: '8.2' # or your required PHP version
+          extensions: ldap
+
+      - name: Install dependencies
+        run: composer install --no-progress --prefer-dist
+
+      - name: Psalm Security Scan
+        uses: psalm/psalm-github-security-scan@f3e6fd9432bc3e44aec078572677ce9d2ef9c287
+
+      - name: Upload Security Analysis results to GitHub
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: results.sarif

CHANGELOG.md

@@ -1,5 +1,27 @@
 # CHANGELOG
 
+## v7.13.1
+
+* Fixed issues with LDAP authentication
+* Fixed an issue with setting the status of vacations
+* Fixed a php leak for the log file causing the settings page to crash when the log file is too large and php memory limit is too low
+
+## v7.13
+
+* You can now set different types of worktimes. You can specify your own ones in the `app/v1/inc/config/worktime_types.json` file. If none is set, like when using the easymode, mode `0` will be used. Added `Wtype` parameter to `WorktimeAdded` event.
+* Toil API release `1.12`: added Bearer token authentication, fixed an issue with the `addOwnWorktime` and `addWorktime` endpoints.
+* Fixed an issue allowing normal users to reset all PINs for the CodeClock plugin
+* Fixed some typos in some of the error messages
+* Reworked the way status messages are displayed and used. Implemented a new `StatusMessage` class to handle status messages which can also be used by plugins.
+
+## v7.12.1
+
+* Updated `README.md`
+* Updated Plugin template
+* You can now set the timezone within `app.json` (see `README.md` for more information)
+* Fixed an issue with the generatedExport event
+* Fixed db migrations for first user creation
+
 ## v7.12
 
 * Added a simple Favicon

README.md

@@ -1,6 +1,6 @@
 # TimeTrack - small enterprise time recording
 
-TimeTrack aims to be a easy-to-use time recording software for small enterprises.
+TimeTrack aims to be an easy-to-use time recording software for small enterprises.
 It's a fork from TimeTrack Oval, v6.2 (license-based model, within cloud & more features)
 
 ## Features
@@ -14,9 +14,9 @@ It's a fork from TimeTrack Oval, v6.2 (license-based model, within cloud & more
 - Maintenance mode
 - Easy and fast installation
 - LDAP Authentication
-
-That's not even all of it, you can also generate timesheets (PDF) to export, user creation menu, an "easymode" to make it even easier to track your time and a mobile-friendly UI.
-Additional functionality can be unlocked with TimeTrack Oval
+- Supporting NFC Login
+- Plugin Support
+- Exporting to PDF/CSV
 
 ## Installation
 
@@ -63,15 +63,15 @@ In step 2, you need to configure the `app.json.sample` within the `api/v1/inc` f
 - `port`: Specify a custom port or change the port if you do not want to use encryption
 - `usessl`: Specify if you want to use STARTTLS (false) after initial communication or use SSL (true)
 
-If you plan to use this system with a Gmail-Account, please be aware that you are not able to use your usual password. You would have to create a seperate `App Password`, you should note down.
+If you plan to use this system with a Gmail-Account, please be aware that you are not able to use your usual password. You would have to create a seperete `App Password`, you should note down.
 You can do this following this link: <https://myaccount.google.com/u/0/apppasswords> or by navigating from <https://accounts.google.com> to `Security` > `2-Factor Authentication` > `App Passwords`. If you do not see this option on screen, use the link.
 
 #### **Plugins** (Read more at `/api/v1/classes/plugins/docs`)
 
 - `plugins`: Specify if you want to enable or disable plugins (default: true)
 - `path`: Plugins path (default: `/api/v1/classes/plugins/plugins`)
 - `data`: Data path for plugins, relative from the `path` variable (default: `data`)
-- `testing`: Specify if the testing mode is enabled or not. If enabled, plugins which are not bundled within an phar archive are working aswell (e.g. just the source code within the plugins folder).
+- `testing`: Specify if the testing mode is enabled or not. If enabled, plugins which are not bundled within an phar archive are working as well (e.g. just the source code within the plugins folder).
 
 #### **LDAP**
 
@@ -103,7 +103,7 @@ After configuring, please rename the `app.json.sample` to `app.json` (`mv app.js
 
 ## Maintenance Mode
 
-To enable the maintenance mode, simply rename the `api/inc/.MAINTENANCE` to `MAINTENANCE` (without the dot) to enable the functionality. No one will be able to access the application, aswell as administrators.
+To enable the maintenance mode, simply rename the `api/v1/inc/.MAINTENANCE` to `MAINTENANCE` (without the dot) to enable the functionality. No one will be able to access the application, as well as administrators.
 Disabling is done by renaming the file again.
 
 ## Permissions
@@ -138,7 +138,7 @@ If above mentioned setting is set to `false` you have to create a user on your o
 The `ExportModule` allows you to export your data in any format as long as you have a `ExportModule` defined for it.
 TimeTrack ships the `PDFExportModule` and `CSVExportModule` which allows you to export your data in PDF/CSV format through your browser/file.
 
-You can define your own `ExporModules` by creating a new class in `api/v1/class/exports/modules/MyExportExportModule/MyExportExportModule.em.arbeit.inc.php` and implementing the `ExportModuleInterface` interface found in `api/v1/class/exports/modules/ExportModuleInterface.em.arbeit.inc.php`.
+You can define your own `ExportModules` by creating a new class in `api/v1/class/exports/modules/MyExportExportModule/MyExportExportModule.em.arbeit.inc.php` and implementing the `ExportModuleInterface` interface found in `api/v1/class/exports/modules/ExportModuleInterface.em.arbeit.inc.php`.
 
 You can then use your new `MyExportExportModule` the following:
 
@@ -157,7 +157,7 @@ $arbeit->exportModule()->getExportModule("MyExportExportModule")->export($data);
 
 ```
 
-As there is currently no Export Area in the UI you have to create the GUI elements on your own.
+All existing export modules can be accessed with the `ExportManager` Plugin.
 You can specify your own CSS file within the `app.json` `exports -> pdf -> css` setting (full path) - the default is `api/v1/class/exports/modules/PDFExportModule/css/index.css`
 
 ## QR codes
@@ -188,4 +188,22 @@ If downloaded any other way, just make sure to copy and paste the new files into
 
 ### Database
 
-You can update the database by using `vendor/bin/phinx migrate` to migrate to latest release or `vendor/bin/phinx rollback` to rollback.
+You can update the database by using `vendor/bin/phinx migrate` to migrate to latest release or `vendor/bin/phinx rollback` to rollback.
+
+## Managed Hosting
+
+If you don't want to worry about installation, updates and maintenance - let us do it for you.
+
+With our managed TimeTrack hosting, you get:
+
+* 🛡️ Fully GDPR-compliant hosting in Germany or Netherlands
+* 🚀 Always up-to-date with the latest features and security patches
+* 🔐 Secure HTTPS out-of-the-box
+* ☁  Backups, monitoring and support included
+* 🧩 Custom plugins, integration, branding
+
+Want to move your team to the cloud? Check out our <a href="https://openducks.org/timetrack.php">website</a> for more information.
+
+## License
+
+The original project is licensed under the GPLv3 license - see the [LICENSE](LICENSE) file for details.

VERSION

@@ -1 +1 @@
-7.12
+7.13.1